fa27d31593c40ead0da3234eb1f04d2fc6f65d183e7b6b7042b1112b4dd0ced9

Sharing

Copy URL Twitter E-mail

General

Target

fa27d31593c40ead0da3234eb1f04d2fc6f65d183e7b6b7042b1112b4dd0ced9
Size

164KB
MD5

0d2bfe3d1e8ebfd908fd62af72336540
SHA1

d7619b4a70dfe88e1f42346696fec38bc3226acc
SHA256

fa27d31593c40ead0da3234eb1f04d2fc6f65d183e7b6b7042b1112b4dd0ced9
SHA512

572b349e2fedbab1b5d52322e39a9a4a8ac76fd490bf03d92ce14499d6e5344b47a1c7c2a79f28ec8ea6c1fcb3d26c2bd9d12a8b7f5dd7c6442937b8b9a82743
SSDEEP

3072:20OB79FU2rRQ40c9OHK5gnrWSht6tAk63exP0Jjyf3Qkmn/39FQz:20yjrm4ZOqerWqR33exPxv039FQ

Score

N/A

Malware Config

Signatures

Files

fa27d31593c40ead0da3234eb1f04d2fc6f65d183e7b6b7042b1112b4dd0ced9
.exe windows x86

ef52af183ab4bfc15ffc5bf03f11102c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfW
GetClientRect
ReleaseDC
IsRectEmpty
TranslateMessage
FillRect
GetDC
PeekMessageW
CopyRect
SetRectEmpty
DispatchMessageW
OffsetRect
GetWindowRect

gdi32

GetObjectType
DeleteDC
GetObjectW
CreateSolidBrush
SetBkColor
BitBlt
DeleteObject
CreateCompatibleBitmap
CreateDIBSection
SetBrushOrgEx
CreateDCW
CreateCompatibleDC
CreateBitmap
StretchBlt
GetDIBits
SelectObject
SetStretchBltMode

advapi32

RegDeleteKeyW
RegCreateKeyW
RegSetValueW
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyA

avifil32

AVISaveOptions
AVIMakeCompressedStream

shell32

SHGetSpecialFolderPathA

kernel32

QueryPerformanceCounter
GetModuleFileNameW
lstrlenA
LeaveCriticalSection
CreateDirectoryA
OutputDebugStringA
CloseHandle
InitializeCriticalSection
FindClose
WaitNamedPipeA
GetSystemTime
WaitForSingleObject
CopyFileA
InterlockedExchange
RemoveDirectoryW
WideCharToMultiByte
ReleaseMutex
GetProcAddress
FreeLibrary
GetTickCount
GetProcessAffinityMask
DeleteCriticalSection
GetTempPathW
LocalAlloc
GetLastError
GetThreadLocale
MultiByteToWideChar
OutputDebugStringW
EnumResourceTypesW
GetFileAttributesA
CreateDirectoryW
MulDiv
GetACP
GetTempFileNameA
CreateMutexA
GetCurrentThreadId
DeleteFileA
GetModuleFileNameA
LoadLibraryW
GetCurrentProcessId
FindFirstFileW
EnterCriticalSection
InterlockedIncrement
SetFilePointer
lstrlenW
ExitProcess
GetTempPathA
LocalFree
InterlockedDecrement
SetFileAttributesA
ReadFile
DeleteFileW
WriteFile
DisableThreadLibraryCalls
SetFileAttributesW
GetTempFileNameW
GetVersionExA
CreateFileA
Sleep
GetLocaleInfoA
FindNextFileW
GetVersionExW
GetSystemTimeAsFileTime

ole32

StringFromGUID2
CoUninitialize
CoCreateInstance
CoFreeUnusedLibraries
CoInitialize

winmm

timeGetTime

shlwapi

PathFileExistsA
PathAppendW
PathFileExistsW
PathCombineW
PathIsDirectoryW
PathRenameExtensionW
PathRemoveBackslashW
PathAddBackslashW
PathRemoveFileSpecW

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef52af183ab4bfc15ffc5bf03f11102c

Headers

File Characteristics

Imports

user32

gdi32

advapi32

avifil32

shell32

kernel32

ole32

winmm

shlwapi

Sections

.text Size: 98KB - Virtual size: 98KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 60KB - Virtual size: 60KB

.tls Size: 1024B - Virtual size: 100KB

.text
Size: 98KB - Virtual size: 98KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 60KB - Virtual size: 60KB

.tls
Size: 1024B - Virtual size: 100KB